Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Cybersecurity – Attack and Defense Strategies, 3rd edition
  • Toc
  • feedback
Cybersecurity – Attack and Defense Strategies, 3rd edition

Cybersecurity – Attack and Defense Strategies, 3rd edition

By : Yuri Diogenes, Dr. Erdal Ozkaya
4.9 (42)
close
Cybersecurity – Attack and Defense Strategies, 3rd edition

Cybersecurity – Attack and Defense Strategies, 3rd edition

4.9 (42)
By: Yuri Diogenes, Dr. Erdal Ozkaya

Overview of this book

Cybersecurity – Attack and Defense Strategies, Third Edition will bring you up to speed with the key aspects of threat assessment and security hygiene, the current threat landscape and its challenges, and how to maintain a strong security posture. In this carefully revised new edition, you will learn about the Zero Trust approach and the initial Incident Response process. You will gradually become familiar with Red Team tactics, where you will learn basic syntax for commonly used tools to perform the necessary operations. You will also learn how to apply newer Red Team techniques with powerful tools. Simultaneously, Blue Team tactics are introduced to help you defend your system from complex cyber-attacks. This book provides a clear, in-depth understanding of attack/defense methods as well as patterns to recognize irregular behavior within your organization. Finally, you will learn how to analyze your network and address malware, while becoming familiar with mitigation and threat detection techniques. By the end of this cybersecurity book, you will have discovered the latest tools to enhance the security of your system, learned about the security controls you need, and understood how to carry out each step of the incident response process.
Table of Contents (20 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Security Posture
Security Posture
Why security hygiene should be your number one priority
The current threat landscape
Cybersecurity challenges
Enhancing your security posture
The Red and Blue Teams
Summary
References
Free Chapter
2
Incident Response Process
chevron up
Incident Response Process
The incident response process
Handling an incident
Post-incident activity
Considerations for incident response in the cloud
Summary
References
3
What is a Cyber Strategy?
What is a Cyber Strategy?
How to build a cyber strategy
Why do we need to build a cyber strategy?
Best cyber attack strategies
Best cyber defense strategies
Benefits of having a proactive cybersecurity strategy
Top cybersecurity strategies for businesses
Conclusion
Further reading
4
Understanding the Cybersecurity Kill Chain
Understanding the Cybersecurity Kill Chain
Understanding the Cyber Kill Chain
Security controls used to stop the Cyber Kill Chain
Threat life cycle management
Concerns about the Cybersecurity Kill Chain
How the Cyber Kill Chain has evolved
Tools used during the Cyber Kill Chain
Comodo AEP via Dragon Platform
Summary
Further reading
References
5
Reconnaissance
Reconnaissance
External reconnaissance
Internal reconnaissance
Tools used for reconnaissance
Passive vs. active reconnaissance
How to combat reconnaissance
How to prevent reconnaissance
Summary
References
6
Compromising the System
Compromising the System
Analyzing current trends
Performing the steps to compromise a system
Mobile phone (iOS/Android) attacks
Summary
Further reading
References
7
Chasing a User’s Identity
Chasing a User’s Identity
Identity is the new perimeter
Strategies for compromising a user’s identity
Summary
References
8
Lateral Movement
Lateral Movement
Infiltration
Network mapping
Performing lateral movement
Summary
Further reading
References
9
Privilege Escalation
Privilege Escalation
Infiltration
Summary
References
10
Security Policy
Security Policy
Reviewing your security policy
Educating the end user
Policy enforcement
Monitoring for compliance
Continuously driving security posture enhancement via security policy
Summary
References
11
Network Security
Network Security
The defense-in-depth approach
Physical network segmentation
Securing remote access to the network
Virtual network segmentation
Zero trust network
Hybrid cloud network security
Summary
References
12
Active Sensors
Active Sensors
Detection capabilities
Intrusion detection systems
Intrusion prevention system
Behavior analytics on-premises
Behavior analytics in a hybrid cloud
Summary
References
13
Threat Intelligence
Threat Intelligence
Introduction to threat intelligence
Open-source tools for threat intelligence
Microsoft threat intelligence
Summary
References
14
Investigating an Incident
Investigating an Incident
Scoping the issue
Investigating a compromised system on-premises
Investigating a compromised system in a hybrid cloud
Proactive investigation (threat hunting)
Lessons learned
Summary
References
15
Recovery Process
Recovery Process
Disaster recovery plan
Live recovery
Contingency planning
Business continuity plan
Best practices for disaster recovery
Summary
Further reading
References
16
Vulnerability Management
Vulnerability Management
Creating a vulnerability management strategy
Elements of a vulnerability strategy
Differences between vulnerability management and vulnerability assessment
Best practices for vulnerability management
Vulnerability management tools
Conclusion
Summary
Further reading
References
17
Log Analysis
Log Analysis
Data correlation
Operating system logs
Firewall logs
Web server logs
Amazon Web Services (AWS) logs
Azure Activity logs
Google Cloud Platform Logs
Summary
References
18
Other Books You May Enjoy
Other Books You May Enjoy
19
Index
Index

Summary

In this chapter, you learned about the incident response process, and how this fits into the overall purpose of enhancing your security posture.

You also learned about the importance of having an incident response process in place to rapidly identify and respond to security incidents. By planning each phase of the incident response life cycle, you create a cohesive process that can be applied to the entire organization. The foundation of the incident response plan is the same for different industries and, on top of this foundation, you can include the customized areas that are relevant to your own business. You also came across the key aspects of handling an incident, and the importance of post-incident activity—which includes full documentation of the lessons learned—and how to use this information as input to improve the overall process. Lastly, you learned the basics of incident response in the cloud and how this can affect your current process.

In the next chapter, you will gain an understanding of the mindset of an attacker, the different stages of an attack, and what usually takes place in each one of these phases. This is an important concept for the rest of the book, considering that the attack and defense exercises will be using the cybersecurity kill chain as a foundation.

End of Section 6
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete